gpt4 book ai didi

ansible - 如何用ansible删除当前的sudoer?

转载 作者:行者123 更新时间:2023-12-05 04:13:50 25 4
gpt4 key购买 nike

我知道这听起来很奇怪。但是我需要在正确设置我的剧本后删除当前用户。

我有一个更新服务器并正确配置用户和管理员的剧本。我使用给定的用户成为 root 并设置 admin 我的主要 sudoer。

只有当它不是 rootadmin 时,我才需要删除我剧本末尾的 ansible_ssh_user 吗?

以下解决方案不起作用

---
- hosts: all
become: yes
become_user: root


tasks:
- include_vars: secrets.yml

- name: add admin user
user: name={{ ADMIN_USERNAME }} password={{ ADMIN_PASSWORD | password_hash('sha512') }} shell=/bin/bash

- name: delete current sudoer if not admin or root
user: name={{ ansible_ssh_user }} state=absent remove=yes
when: ({{ ansible_ssh_user }}!={{ ADMIN_USERNAME }}) or ({{ ansible_ssh_user }}!={{ ADMIN_USERNAME }})

它返回:

userdel: user admin is currently used by process 23537

最佳答案

有点晚了,但为了将来的引用,我已经完成了这两项任务:

# first change the current ssh user to the new user
- name: user | switch current user to {{ new_user }}
set_fact:
current_user: "{{ ansible_user }}"
ansible_user: "{{ new_user }}"

# force remove the old user
- name: user | remove current user ({{ current_user }}) if it's not "{{ new_user }}"
become: yes
user:
name: "{{ current_user }}"
state: absent
remove: yes
force: yes
when: "current_user != new_user"

关于ansible - 如何用ansible删除当前的sudoer?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36609083/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com